[Top] [All Lists]

Re: draft-segmuller-sieve-relation-01.txt

2001-10-03 09:05:40

> Ah, but therein lies the problem: The sieve specification quite clearly
> states that envelope only operates on the single recipient address the
> sieve is associated with.

> Short of revising the base sieve specification, this isn't something
> you're going to be able to do. And given the security issues I see no
> chance of such a revision passing muster.

Ok, I'll remove any reference to server wide Sieve scripts.

What if I add the notation:

With the current Sieve specifications, this extension has limited uses when
used with the envelope test.  The test for envelope "to" will always return
1 and the envelope "from" will always return either 0 or 1.

There are two problems with this. One is that it isn't true in the case of
:value; using value tests on both envelope from and to could be useful.
(Remember that the envelope to could include a subaddress.)

The second problem is that it implies that there are 0 or 1 envelope from
addresses. This is incorrect; there is always an envelope from field, which can
be blank.

As I pointed out before, :count probably should return 0 if the envelope from
is blank and you used it with :localpart or :domain. But I don't think it
should return 0 if it is used with :all and the envelope from is blank.

(Actually I don't particularly care how this is resolved as long as the
specification is clear about what should happen.)

Come to think of it, it is possible that an envelope to address is
syntactically invalid as well (lots of implementations support delivery to part
local parts) so I guess it is possible, albeit nonstandard, for :count to
return 0 for an envelope to as well.

How about the following paragraph instead:

 :count has limited uses when used with the envelope test.  In particular,
 this are always exactly one envelope from and envelope to address available
 to be tested.

You might also want to describe how you want the interaction with
:localpart and :domain to work.

And in the security section:

An implementation MUST ensure that the test for envelope "to" only reflects
the delivery to the current user.

This ia good addition.